Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings

CVE-2022-1763

The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.

CVE-2022-1762

The Peterâ€™s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.

CVE-2022-1761

The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping

CVE-2022-1759

The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings.

CVE-2022-1758

The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER['REQUEST_URI'] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.

CVE-2022-1756

Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product.

CVE-2022-27231: WP Statistics

By Owais Sultan
If you own a WordPress website this article is for you because it addresses WordPress security and protection…
This is a post from HackRead.com Read the original post: How To Secure WordPress Website From Cyber Attacks?

****If you own a WordPress website this article is for you because it addresses WordPress security and protection against cyber attacks.****

WordPress is a widely used CMS (content management system), powering a significant proportion of all available websites. Unfortunately, it also attracts cyber criminals who take advantage of the platform’s security flaws.

It does not mean that WordPress’s security mechanism is ineffective. Security issues can also occur due to the absence of security measures from the users’ side such as outdated or malware-infected plugins. Therefore, it is crucial to take security measures before your WordPress website becomes a target of a malicious attack.

Although you can maintain network security while transferring files by understanding the TCP vs UDP comparison and selecting the best one for web security, some valuable yet small details might help you secure your website in the long run.

*   **What Is the Importance of WordPress Website Security?**

A hacked WordPress site can significantly harm your company’s income and credibility. Cybercriminals can access passwords and user information and even exploit the site to spread malware or harvest login credentials and banking card information. Therefore, providing a secure platform for your website’s users/visitors is a must.

Also, keeping a high-end website requires maintaining your WordPress website’s safety. Website security has a direct impact on search engine visibility. And the most straightforward strategy to improve your search ranking is to improve your security. Thus, the importance of WordPress website security cannot be denied whatsoever.

*   **Is WordPress a Safe Platform?**

If this question always pops up in your mind, you are not alone. It is one of the most frequently asked questions. And the answer to this question is “Yes, it is safe.” It is safe for the most part as long as you take all necessary security precautions seriously.

*   **Avoid “Admin” Username**

The disclosure of a username may not appear to be particularly harmful. Still, it might set off a chain reaction of security flaws that can lead to account identity theft, hijacking, or financial harm.

If you have named the site’s administrator as admin, it is recommended to change it because cyber criminals are good at exploiting platforms with default setups. They understand that “admin” is frequently used as an administrator account. They may exploit that username in a “brute force” attack. Avoid the “Admin” username and save your WordPress website from such attacks.

*   **WordPress Must Be Updated Regularly**

WordPress publishes software updates regularly to enhance security and speed. These upgrades also help in keeping your site safe from cyber attacks. The most straightforward approach to improving your WordPress website’s security is to update your WordPress version. 

To see if you own the most recent WordPress version, go to Dashboard, then click on Updates.

Stay updated on the release dates for new upgrades to guarantee that your site isn’t running an old WordPress version. Moreover, try to update the plugins and themes on your WordPress site. Older plugins and themes might cause conflicts with the newly updated WordPress software, resulting in problems and security vulnerabilities.

*   **Limit the Number of Log In Times**

Cybercriminals may try to guess your admin password via a brute force attack or use leaked credentials to log in to the site. You can reduce their chances of winning by limiting the number of times they can try to log in. As a result, if someone continuously enters the incorrect password, they will be blocked for hours, months, or even years depending on what options you select.

Thus, Limit Login Attempts is a plugin that you may use to secure your website. It works by allowing you to set up a significant number of wrong passwords that may be entered before the IP address of the person who entered the wrong password is locked out.

*    **All Hotlinking Should Be Disabled**

Rather than downloading the file, putting it on your server, and providing a correct citation. Hotlinking or Inline linking is a technique of linking to a file stored on another site. It is most commonly used for images, but it may also be used for videos, music files, flash animations, and other digital content.

If you want to keep your WordPress website secure, hotlinking should be disabled. Otherwise, you’ll notice slower loading times, the possibility of more server expenses, and an increased risk of being hacked.

Although there are several manual methods for avoiding hotlinking, the most straightforward solution is to use a WordPress security plugin. The All-in-One WP Security and Firewall plugin, for example, has built-in solutions for preventing all hotlinking.

*   **Use Two-Factor Authentication**

Two-factor authentication, often known as 2FA, dual-factor authentication, or two-step verification, is a security method in which users validate their identity using two independent authentication factors. This is another smart step to include in your security strategies.

The authentication can be a conventional password followed by a security question, a combination of letters, a hidden code, or the Google Authenticator application delivering a secret code to your phone. The person who has your phone may log in to your website. It is used to safeguard a user’s credentials and the information they have access to.

**Conclusion**

Malicious actors are continuously coming up with new ways to use a company’s online presence against them, while cyber security specialists are always coming up with new ways to resist them.

This is the never-ending cycle of cybersecurity, and we’re all trapped in its center. Your WordPress site is just like any other website on the internet when it comes to cyber-attacks. However, by following the above-recommended tips and hacks, you can secure your WordPress website from cyber criminals or at least reduce the risk of being attacked. 

**More WordPress Security News**

1.  7 Tips to Increase Your WordPress Security
2.  5 WordPress Security Solutions with Free SSL Certificates
3.  Critical WordPress plugin vulnerability allowed wiping databases
4.  Flaws in 2 famous WordPress plugins put millions of websites at risk
5.  WordPress security: Steps to assess employee before granting admin access

How To Secure WordPress Website From Cyber Attacks?

WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)# Date: 2022-06-05# Exploit Author: Sanjay Singh# Vendor Homepage: https://motopress.com/# Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip# Version: 4.2.4# Tested on: Windows/XAMPP###########################################################################PoC:1. http://localhost/wp-admin/edit.php?post_type=mphb_room_type2. Click on "Add Accommodation Type".3. Add title payload= "><script>alert("XSS")</script>4. Excerpt input payload "><script>alert("XSS")</script>5. Click publish.6. Visit http://localhost/accommodations/7. XSS payload execute.

WordPress Motopress Hotel Booking Lite 4.2.4 Cross Site Scripting

WordPress Download Manager versions 3.2.42 and below suffer from a cross site scripting vulnerability.

    Description: Reflected Cross-Site ScriptingAffected Plugin: Download ManagerPlugin Slug: download-managerPlugin Developer: codename065Affected Versions: <= 3.2.42CVE ID: CVE-2022-1985CVSS Score: 6.1 (Medium)CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NResearcher/s: Rafie Muhammad (Yeraisci)Fully Patched Version: 3.2.43Download Manager is a file and document management plugin to help manage and control file downloads with various file download controls to restrict unauthorized file access. The plugin also provides a complete solution to sell digital products from WordPress sites, including checkout functionality to complete an order. One feature of the plugin is the ability to use a shortcode to embed files and other assets in a page or post. This function was found to be vulnerable to reflected Cross-Site Scripting.Secure coding practices would include checks to sanitize the input received by the page, and escaping that code on the output to ensure that only approved inputs and outputs are presented. Unfortunately, insufficient input sanitization and output escaping on the $_REQUEST[‘frameid’] parameter found in the ~/src/Package/views/shortcode-iframe.php file of the Download Manager plugin made it possible for an attacker to run arbitrary code in a victim’s browser by getting them to click on a specially crafted URL. This is due to the fact that the ‘frameid’ parameter was echoed to the page without sufficient user input validation.Without proper sanitization and escaping in place on user-supplied inputs, JavaScript can be used to manipulate the page. Even an unsophisticated attacker could hijack the form and use it to trick a site administrator into unknowingly disclosing sensitive information, or to collect cookie values.More specialized attackers would use this capability to gain administrator access or add a backdoor and take over the site. If the attacker gains this access, they would have access to the same information the administrator would be able to access, including user details and customer information.In the case of Download Manager, customer information and access to digital products would both be at risk. If an attacker were able to trick an administrator into clicking a link that has been designed to send session cookies to the attacker, add a malicious administrator account, or implement a backdoor on the website, the attacker would also have free reign in the administrator panel, giving them the ability to modify checkout settings and even add fake products to the website.ConclusionIn today’s post, we discussed a reflected Cross-Site Scripting (XSS) vulnerability in Download Manager. While this would require tricking an administrator into clicking a link or performing some other action, it still offers the potential for site takeover. As such we urge you to update to the latest version of this plugin, 3.2.43 as of this writing, as soon as possible.All Wordfence users, including Free, Premium, Care, and Response, are protected from exploits targeting this vulnerability.

Tag

#wordpress